Wireless Encryption Protocols Flashcards
802.11i
IEEE security standard for 802.11 wireless networks. It introduced robust enhancements such as WPA2.
WEP (Wired Equivalent Privacy)
WEP is an early encryption protocol for Wi-Fi using the RC4 stream cipher for confidentiality and a CRC-32 checksum for data integrity. It provides basic encryption but is highly vulnerable.
EAP (Extensible Authentication Protocol)
EAP is an authentication framework that allows for various methods such as token cards, certificates, or username/password. It is commonly used in enterprise wireless networks with RADIUS.
LEAP (Lightweight EAP)
LEAP is a proprietary EAP method developed by Cisco. It uses dynamic WEP keys and username/password for authentication, and has largely been deprecated.
WPA (Wi-Fi Protected Access)
WPA was a transitional security protocol using TKIP and a 48-bit IV. It added message integrity checks (MIC) and dynamic key changes but retained use of RC4, making it more secure than WEP but still vulnerable.
TKIP (Temporal Key Integrity Protocol)
TKIP was introduced with WPA to improve WEP. It includes per-packet key mixing, a 48-bit IV, and a MIC (Message Integrity Code), but remains weaker than AES and is considered deprecated.
WPA2
WPA2 replaces TKIP with AES for encryption and uses CCMP for integrity. It’s based on the full 802.11i standard, offering stronger security, especially in enterprise settings.
AES (Advanced Encryption Standard)
AES is a symmetric block cipher using key sizes of 128, 192, or 256 bits. In WPA2, it provides robust encryption when paired with CCMP, replacing the weaker RC4 used in WEP/WPA.
CCMP (Counter Mode CBC-MAC Protocol)
CCMP is the encryption and integrity protocol used with AES in WPA2. It provides confidentiality via counter mode and integrity through CBC-MAC.
WPA2 Enterprise
WPA2 Enterprise combines WPA2 encryption with EAP-based authentication using a RADIUS server. It provides individual credentials per user, enabling better access control and auditability.
RADIUS (Remote Authentication Dial-In User Service)
RADIUS is a centralized AAA (Authentication, Authorization, Accounting) server used in enterprise networks to authenticate users (typically with EAP) and manage access to network resources.
PEAP (Protected EAP)
PEAP encapsulates EAP messages within a secure TLS tunnel, encrypting the authentication exchange to prevent eavesdropping and man-in-the-middle attacks.
WPA3 Enterprise
WPA3 Enterprise offers the highest level of wireless security, using 256-bit GCM (Galois/Counter Mode) for encryption and HMAC-SHA-384 for authentication. It ensures forward secrecy and stronger cryptographic protections.
Main Advantages of WEP
WEP aimed to provide confidentiality (via RC4 encryption), access control (via shared key), and data integrity (via CRC-32), but all mechanisms are now considered insecure.
WPA3 Personal
WPA3 Personal uses Simultaneous Authentication of Equals (SAE) instead of PSK, offering protection against dictionary attacks, forward secrecy, and key recovery resistance.
Improvements in WPA3 over WPA2
- Secure handshake (SAE replaces PSK)
- Wi-Fi Easy Connect for simplified IoT onboarding
- Larger session keys
- Support for unauthenticated encryption for open networks (OWE)
WEP Issues
- IVs sent in cleartext
- Vulnerable to passive data collection and key recovery
- Susceptible to replay and brute-force attacks
- Weak checksum (CRC-32) allows for integrity bypass
WPA Issues
- Susceptible to eavesdropping and packet spoofing
- TKIP vulnerable to IP discovery and ARP attacks
- Weak MIC susceptible to forgery
- GTK (Group Temporal Key) discovery attacks
WPA2 Issues
- Dictionary attacks on pre-shared key (PSK)
- KRACK (Key Reinstallation Attacks) exploit handshake flaws
- Insecure WPS PIN brute-forcing
- Group key exposure (GTK)
- Susceptibility to DoS and MITM attacks